Title: Lead Security Engineer (a hands-on, manager-level candidate would also be considered)
Duration: PERM
Location: Philadelphia, PA 19124 - Onsite 3 days per week (Tuesday through Thursday) - free parking
Must-haves
- 5+ years of hands‑on experience in information security, with a strong blue team focus
- Proven experience in incident response, threat detection, and vulnerability management
- Hands‑on experience with Microsoft Defender and Microsoft Sentinel
- Experience securing Azure and Microsoft 365 environments
- 3+ years of experience leading or managing security personnel; the role manages a team of 3, so prior experience with direct reports is required.
- Ability to act as an escalation point and lead security investigations
- Bachelor’s degree in a related field or equivalent hands‑on experience
- CISSP required
Day-to-Day
A mid‑size hospital system based in Philadelphia is seeking an experienced Lead Security Engineer to join its Cyber Security team. This role will serve as a hands‑on technical leader for the organization’s blue team security operations, while also managing and mentoring a team of three security analysts. Red team experience is a strong plus. This individual will play a critical role in protecting the organization’s cloud and enterprise environments, leading incident response efforts, strengthening vulnerability management practices, and advancing the overall security maturity of the organization.
Key Responsibilities
- Lead day‑to‑day blue team security operations, including incident response, threat detection, and vulnerability management
- Serve as an escalation point for security incidents, conducting hands‑on investigations related to malware, data loss, insider threats, and other security events
- Manage, mentor, and develop a team of three security analysts, providing technical guidance, prioritization, and performance oversight
- Design, implement, and optimize security controls across Microsoft Azure and Microsoft 365 (O365) environments, including identity, endpoint, and cloud security
- Utilize and manage Microsoft security tools such as Microsoft Defender, Microsoft Sentinel (SIEM/SOAR), and related Azure security services to monitor, detect, and respond to threats
- Contribute to the development and implementation of the organization’s security governance model, policies, and standards
- Develop and maintain security metrics and reporting to measure operational effectiveness, risk posture, and security maturity
- Partner closely with IT, infrastructure, cloud, and business stakeholders to understand requirements and influence system and architectural decisions from a security perspective
- Support vulnerability assessment and remediation efforts, working with technical teams to drive risk reduction
- Collaborate with red team resources as applicable; prior hands‑on red team or offensive security experience is a strong plus